privacy pets
play

Privacy & PETs Simone Fischer-Hbner SWITS PhD course, 2012 1 st - PowerPoint PPT Presentation

Oct 14, 2022 •122 likes •683 views

Privacy & PETs Simone Fischer-Hbner SWITS PhD course, 2012 1 st Session, 3rd May 2012, KTH Overview I. Privacy - Definition II. EU Directives & Basic Privacy Principles III. Privacy Issues (LBS, Social Networks, RFID...) IV.

  1. Privacy & PETs Simone Fischer-Hübner SWITS PhD course, 2012 1 st Session, 3rd May 2012, KTH

  2. Overview I. Privacy - Definition II. EU Directives & Basic Privacy Principles III. Privacy Issues (LBS, Social Networks, RFID...) IV. Introduction to PETs, Terminology V. Mix-nets

  3. I. Definition Warren & Brandeis 1890 “The right to be let alone”

  4. Definition- Alan Westin 1967 “Privacy is the claim of individuals, groups and institutions to determine for themselves, when, how and to what extent information about them is communicated to others”

  5. Privacy Dimensions  Informational self- determination  Spatial privacy

  6. II. EU Directives EU Data Protection Directive 95/46/EC Objective:  Protection of fundamental rights, freedom of individuals  Harmonsation of privacy legislation in Europe  Scope (Art. 3): applies to the processing of personal data wholly or  partly by automatic means, and to the processing otherwise than by automatic means of personal data which form part of a filing system. Personal data: any information relating to an identified or identifiable  natural person ('data subject') Does not apply for data processing for  defense, public/state security, criminal law enforcement  purely private or household activity (”household exemption”)

  7. Basic Privacy principles implemented in EU-Directive 95/46/EC  Legitimisation by law, informed consent (Art. 7 EU Directive)  Data minimisation and avoidance (Art. 6 I c,e)  Data must be adequate, relevant, not excessive & anonymised as soon as possible  Purpose specification and purpose binding (Art. 6 I b) • ”Non - sensitive” data do not exist !

  8. Example for Purpose Misuse  Lidl Video Monitoring Scandal

  9. Basic privacy principles (II)  No processing of ” special categories of data ” (Art. 8)  Transparency , rights of data subjects  to be informed (Art.10)  to be notified, if data have not been obtained from the data subject (Art.11)  of access to data (Art.12 a)  of correction of incorrect data / erasure or blocking of illegally stored data (Art.12b)  to object to direct marketing (Art.14)

  10. Basic privacy principles (III)  Requirement of security mechanisms (Art.17)  Sanctions (Art.24)  Restricted personal data transfer from EU to third countries (Art. 25)

  11. Basic privacy principles (IV)  Supervision (Art. 28): Supervisory authorities  monitor compliance  act upon complaints  be consulted when drawing up data protection regulations  draw up regularly reports

  12. Is it necessary to publish photos to the whole world Privacy Principles (instead of having restricted access for parents, students, in Practice etc. )? Purpose not well specified Policy is not directly accessible and website did actually not exist!

  13. EU Directive 2002/58/EC on privacy and electronic communications  Confidentiality of communications (Art.5):  No interception/surveillance without the data subject’s consent  Protection against cookies, spyware, web- bugs (“right to refuse”)

  14. EU Directive 2002/58/EC on privacy and electronic communications (cont.)  Traffic data (Art.6):  Must be erased or made anonymous upon completion of transmission  Processing for billing purposes permissible  Processing for the purposes of value added services/marketing with the consent of the subscriber/user

  15. EU Directive 2002/58/EC on privacy and electronic communications (cont.)  Location data other than Traffic data (Art.9):  May only be processed when made anonymous, or with the informed consent of the user/subscriber  Where consent has been obtained, the user/subscriber must still have possibility of temporarily refusing the processing of location data Problem: Also Location Data within Traffic Data can be very sensitive

  16. EU Directive 2002/58/EC on privacy and electronic communications (cont.)  Unsolicited communications (Art.13): Opt-in system for electronic mail for direct marketing (so- called “spam”) Problem: US American CAN-SPAM Act of 2003 requires only Opt-out system, no SPAM legislation in most countries

  17. Data Retention according to EU Directives 2002/58/EC and 2006/24/EC  Art.15 of EU-Directive 2002/58/EC:  allows member states to adopt laws for data retention for safeguarding security, defence, law enforcement  Data Retention Directive 2006/24/EC:  Requires telco companies to retain traffic and location data for 6-24 months Problems/Questions:  Appropriate ?  Threat to online privacy: Traffic data contains mainly ”fingerprints” of non-criminal users  Criminals find ways ”around”  Will anonymisation service providers be forced to collect more data than they would normally collect ?

  18. New e-Privacy Directive, 2009/136/EC amending Directive 2002/58/EC  Enacted on 18 Dec 2009, to be implemented by June 2011  Main changes:  Privacy Breach Notification  Requirement to implement a security policy, adopt measures to restrict access to personal data, and to protect against data breaches  More strict SPAM legislation  Consent for the placement of cookies

  19. Newly proposed EU Data Protection Rules (Data Protection Regulation proposed 25 January 2012) Single set of data protection rules , valid across the EU, and  if data are processed abroad by companies active in the EU market. One DPA in charge. ”Right to be forgotten”  Right to ”data portability”  Easier exercising of data subject rights (electronically, in  relation to all recipients) Explicitly given consent , more transparency of data  handling, easy-to-understand policies Increased accountability, privacy breach notification, higher  penalites (up to 2% of global annual turnover) Privacy impact assessment (PIA)  Privacy by Design (PbD) , Privacy by Default 

  20. III. Privacy Issues  Global networks, cookies, webbugs, spyware,...  Location-based Services (LBS)  Ambient Intelligence, RFID...  Cloud Computing  Social Networks  Smart Grids  Video Surveillance

  21. LBS - Risks  Unsolicited tracking of user’s position, movements  Unsolicited Profiling  Disclosure of the user’s current context  Disclosure of social networks Source: Lother Fritsch & Rannenberg, GUF

  22. Smart Grids Picture source: Wikipedia

  23. Smart Metering – Privacy Risks Each electrical  appliance has its own fingerprint Provides information  about when someone is at home, cooks, watches TV, takes a shower, etc. Allows real-time  surveillance Of interest for  burglars, insurance companies, law enforcement,… Source: Smart Metering & Privacy, Elias Leake Quinn, 2009

  24. The RFID consumer privacy problem Wig Here’s model #4456 Replacement hip (cheap medical part #459382 Mr. Jones polyester) in 2020… Das Kapital and Communist- party handbook 1500 Euros in wallet Serial numbers: 30 items 597387,389473 … of lingerie Source:Ari Juels, RSA Laboratories

  25. …and the tracking problem Wig serial #A817TS8 Mr. Jones pays with a credit card; his RFID tags now linked to  his identity Mr. Jones attends a political rally; law enforcement scans his  RFID tags Mr. Jones wins Turing Award; physically tracked by paparazzi  via RFID

  26. Privacy Risks of Social Networks  Intimate personal details about social contacts, personal life, etc.  The Internet never forgets completely....  Not only accessible by ”friends”

  27. Freddi Staur (ID fraudster)

  28. Identity Theft – ”Face Rape”

  29. Privacy Risks of Social Networks – Social Network Analysis Social Network Analysis/Profiling by: • Employers • Schools/Universities • Tax authorities • Law Enforcement • Insurances • Hackers •…..

  30. Art.29 Data Protection Working Party – Opinion 5/2009 on online social networking Who is the data controller?  SNS providers  Users ?   No: if ”household exemption” applies  Yes: If SNS is used beyond a purely personal/houshold activity (e.g., as a  collaboration platform for a company) When access to profile information extends beyond self- selected ”friends”  (e.g., access is given to all SNS members) – unless exemptions apply for journalistic purposes What are obligations of data controllers?  Appropriate technical and organisational security measures   SNS should offer privacy-friendly default settings Informed consent by other individual concerned  Information to be provided by SNS   Information about the SNS identity, purposes (Art.10 EU Directive)  SNS users should be advised by SNS to obtain informed consent before uploading information/pictures about others

  31. IV. Introduction to Privacy-Enhancing Technologies (PETs)  Law alone is not sufficient for protecting privacy in our Network Society  PETs needed for implementing Law  PETs for empowering users to exercise their rights

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

www.privitar.com Engineering Privacy London, UK WHY ARE ORGANISATIONS SLOW TO ADOPT PETS?

www.privitar.com Engineering Privacy London, UK WHY ARE ORGANISATIONS SLOW TO ADOPT PETS?

www.privitar.com Engineering Privacy London, UK WHY ARE ORGANISATIONS SLOW TO ADOPT PETS? Differential Privacy as a case study Theresa Stadler, SuRI at EPFL 2018 What are you talking about? Everybody wants data privacy as fast as

604 views • 38 slides
In PETs we trust: Gaps between

In PETs we trust: Gaps between

In PETs we trust: Gaps between privacy enhancing technologies and informa=on privacy law Claudia Diaz KU Leuven COSIC RWC,

429 views • 13 slides
Pets Evacuation and Transportation Standards Act From Wikipedia, the free encyclopedia The Pets

Pets Evacuation and Transportation Standards Act From Wikipedia, the free encyclopedia The Pets

Stafford Act 403 (a)(3)(J)- Household Pet Shelters Shelters shall be provided for disaster victims with service animals and pets. This is also in conjunction with the PETS Act Pets Evacuation and Transportation Standards Act (PETS Act) Mandates

189 views • 7 slides
Privacy Enhancing Techniques for Smart Grids PETs PhD Course 4 th Session Valentin Tudor

Privacy Enhancing Techniques for Smart Grids PETs PhD Course 4 th Session Valentin Tudor

Privacy Enhancing Techniques for Smart Grids PETs PhD Course 4 th Session Valentin Tudor October 18th, 2012 Karlstad Chalmers University of Technology Dept. of Computer Science and Engineering Computer Science and Engineering Department

1.03k views • 41 slides
Presentation Exemplar 1: Cube Side A What are the most common pets? There are many different

Presentation Exemplar 1: Cube Side A What are the most common pets? There are many different

Presentation Exemplar 1: Cube Side A What are the most common pets? There are many different kinds of pets. Some of the most common pets are dogs, cats, birds, fish, and furry animals. Some of the least common pets are skunks and raccoons.

358 views • 5 slides
1 PETS can be used to track funds from not only government sources, but also from donors. Different

1 PETS can be used to track funds from not only government sources, but also from donors. Different

In this presentation, we will move on from the basics of PETS, which we covered in the last topic, to the major steps involved in the implementation of a PETS. 1 PETS can be used to track funds from not only government sources, but also from

588 views • 15 slides
Presentation Exemplar 3: Flip Book Page 1: What are the most common pets? There are many

Presentation Exemplar 3: Flip Book Page 1: What are the most common pets? There are many

Presentation Exemplar 3: Flip Book Page 1: What are the most common pets? There are many different kinds of pets. Some of the most common pets are dogs, cats, birds, fish, and furry animals. Some of the least common pets are skunks and

138 views • 3 slides
PETS Town Hall 18th Privacy Enhancing Technologies Symposium Rachel Greenstadt Kostas

PETS Town Hall 18th Privacy Enhancing Technologies Symposium Rachel Greenstadt Kostas

PETS Town Hall 18th Privacy Enhancing Technologies Symposium Rachel Greenstadt Kostas Chatzikokolakis (2017-2018) (2019-2020) Damon McCoy Carmela Troncoso (2017-2018) (2018-2019) Logistics Hike Please confirm Bring filled form

455 views • 8 slides
INTRODUCING PETS AT WORK 1 WHY PETS AT WORK? Employees say > Dogs help to reduce workplace

INTRODUCING PETS AT WORK 1 WHY PETS AT WORK? Employees say > Dogs help to reduce workplace

INTRODUCING PETS AT WORK 1 WHY PETS AT WORK? Employees say > Dogs help to reduce workplace stress > It improves work/life balance > Pets at Work creates a more relaxed environment People cant stop > Having dogs in the office

432 views • 8 slides
Privacy-preserving Wi-Fi Analytics Barcelona, Spain PETS 2018 Mathieu Cunche Sbastien Gambs

Privacy-preserving Wi-Fi Analytics Barcelona, Spain PETS 2018 Mathieu Cunche Sbastien Gambs

Privacy-preserving Wi-Fi Analytics Barcelona, Spain PETS 2018 Mathieu Cunche Sbastien Gambs Mohammad Alaggan Antidot, France (Work done while at Inria Lyon, France) Univ Lyon, Inria, France Universit du Qubec

691 views • 26 slides
PETS components and waveguide PETS components and waveguide connections CLIC W CLIC Workshop

PETS components and waveguide PETS components and waveguide connections CLIC W CLIC Workshop

PETS components and waveguide PETS components and waveguide connections CLIC W CLIC Workshop 2007 k h 2007 David Carrillo Index A design to connect PETS with accelerating structures will be discussed choke flange And also we will deal

266 views • 14 slides
New ecological solution for pets 100% flax Pet Litter These are Lars and Lena. Their pets a

New ecological solution for pets 100% flax Pet Litter These are Lars and Lena. Their pets a

New ecological solution for pets 100% flax Pet Litter These are Lars and Lena. Their pets a cat and a chinchilla. They live in Sweden. 1 million and 4 thousands cats are registered in Sweden (according to the Novus survey). What are

239 views • 13 slides
What Do Pets Need to be Healthy and Happy? Sam Smith What Do Pets Need to be Healthy and Happy?

What Do Pets Need to be Healthy and Happy? Sam Smith What Do Pets Need to be Healthy and Happy?

What Do Pets Need to be Healthy and Happy? Sam Smith What Do Pets Need to be Healthy and Happy? For my research I selected the essential question, What do pets need to be healthy and happy? This question interested me because my family

287 views • 10 slides
People helping pets, pets helping people A1 Petline A1 Petline was started in 1995 by a

People helping pets, pets helping people A1 Petline A1 Petline was started in 1995 by a

People helping pets, pets helping people A1 Petline A1 Petline was started in 1995 by a small group of people who cared about animals and humans and also enjoyed fundraising. We are an information service to help pet owners solve any

369 views • 10 slides
A Quality of Life Company for People and Pets Cannabis Grow Hemp for Pets * Application in

A Quality of Life Company for People and Pets Cannabis Grow Hemp for Pets * Application in

A Quality of Life Company for People and Pets Cannabis Grow Hemp for Pets * Application in Process * Sold in each Jurisdiction DISCLAIMER This Presentation (the Presentation) has been prepared solely The forward-looking statements

304 views • 12 slides
Pets A pet is a type of animal that usually lives with people in a house. People have lots of

Pets A pet is a type of animal that usually lives with people in a house. People have lots of

Pets A pet is a type of animal that usually lives with people in a house. People have lots of different animals as pets! Pets need lots of love and special care. Can you name any animals that can be pets? Dogs There are lots of different

260 views • 13 slides
Belfast CryptoParty Online Privacy Tips @pgmaynard July 2015 Privacy? I dont have

Belfast CryptoParty Online Privacy Tips @pgmaynard July 2015 Privacy? I dont have

Belfast CryptoParty Online Privacy Tips @pgmaynard July 2015 Privacy? I dont have anything to hide. Heres my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not

623 views • 33 slides
Outline Transient execution covert channels (contd) OS trust and assurance CSci 5271

Outline Transient execution covert channels (contd) OS trust and assurance CSci 5271

Outline Transient execution covert channels (contd) OS trust and assurance CSci 5271 Introduction to Computer Security Announcements intermission Transient Execution, OS Assurance, and Networks Brief introduction to networking Stephen

554 views • 7 slides
Beyond I Fought The Law Educating Law Enforcement about Privacy Services Adam Shostack

Beyond I Fought The Law Educating Law Enforcement about Privacy Services Adam Shostack

Beyond I Fought The Law Educating Law Enforcement about Privacy Services Adam Shostack (Presented at PET2003) Motivation n 3 Years at Zero Knowledge Systems n Freedom Network didnt succeed n Problems was sales, not law enforcement n

653 views • 18 slides
Mixminion Designing a Type-III Anonymous Remailer Protocol Nick Mathewson nickm@freehaven.net

Mixminion Designing a Type-III Anonymous Remailer Protocol Nick Mathewson nickm@freehaven.net

Mixminion Designing a Type-III Anonymous Remailer Protocol Nick Mathewson nickm@freehaven.net Our Goals Fix holes in Mixmaster (Type-II) remailers Conservative design Working implementation; deployed network Our Adversary

447 views • 9 slides
Benchmarking Broadband Internet Performance Srikanth Sundaresan, Walter de Donato, Nick

Benchmarking Broadband Internet Performance Srikanth Sundaresan, Walter de Donato, Nick

Benchmarking Broadband Internet Performance Srikanth Sundaresan, Walter de Donato, Nick Feamster, Renata Teixeira, Antonio Pescape What is the Performance of Network Access Links? Previous Performance Studies Study from outside Dischinger et

462 views • 24 slides
HERMEVENT: A News Collection for Emerging-Event Detection Cristiano Di Crescenzo a Giulia Gavazzi

HERMEVENT: A News Collection for Emerging-Event Detection Cristiano Di Crescenzo a Giulia Gavazzi

Introduction Dataset Algorithm Evaluation Conclusion HERMEVENT: A News Collection for Emerging-Event Detection Cristiano Di Crescenzo a Giulia Gavazzi a Giacomo Legnaro a Elena Troccoli a Ilaria Bordino b Francesco Gullo b a Sapienza

564 views • 23 slides
Short term Measures Improving community health services for CKD-u. W.M.Palitha Bandara (

Short term Measures Improving community health services for CKD-u. W.M.Palitha Bandara (

Short term Measures Improving community health services for CKD-u. W.M.Palitha Bandara ( MBBS,MSc in Med ad and management). Regional Director of Health Services . Anuradhapura. outlines Describe the magnitude of the CKD-u Why

973 views • 58 slides
Introduction to Mobile Computing 1 Presentation Outline What is mobile computing?

Introduction to Mobile Computing 1 Presentation Outline What is mobile computing?

Introduction to Mobile Computing 1 Presentation Outline What is mobile computing? Comparison to wired networks Why go mobile? Types of wireless devices Mobile objects Moving object databases (MOD) Query language

1.39k views • 72 slides

More recommend